Festival Director Pty Ltd Privacy Policy

This policy applies to personal information collected by Festival Director Pty Ltd. It was last updated in January 2016.
Festival Director Pty Ltd adheres to the provisions set out in the Privacy Act 1988 including the Australian Privacy Principles, which set out standards, rights and obligations on how we handle and maintain your personal information. This includes how we will collect, store, use, disclose, quality assure and secure personal information, as well as your rights to access or correct your personal information.

Complaints and feedback – provided to us in the course of any events we provide our services to (eg administering ticket sales for your event)

Legal advice - provided by lawyers in relation to any events we provide our services to

Employment and personnel information relating to our contractors and volunteers – the workforce engaged to help deliver services at your event

We collect this information in a variety of ways, including online, in person or via telecommunications.
We only collect personal information where that information is reasonably necessary for, or directly related to, one or more of our functions or activities. We will only collect sensitive information (such as bank account or tax file numbers) if you consent and it is reasonably necessary for, or directly related to, our business activities.
When we collect personal information, we will, under the Privacy Act, notify you of the purpose for which we require the information, and any person or organisation to whom we will disclose the information (eg a payment gateway for you to collect revenue from ticket sales, such as PayPal).

Kinds of personal information that we hold

The personal information we collect and hold will vary depending on what we require to perform our functions and responsibilities.

Your customers (event patrons)

Name, phone number and email contact

NOTE: We do not at any time collect nor access your customers’ bank account details or credit card numbers for the purposes of selling tickets. All sales transations are completed using trusted payment gateway suppliers such as PayPal or Stripe.
We do not at any time collect nor hold monies from your customers in relation to ticket sales for your event.

Our contractors and volunteers

Name, address and contact details

Emergency contact

Bank account details and ABN (when paying for contractor services)

Use and Disclosure of Personal Information

We will not disclose your personal information to other organisations, government agencies or individuals unless you consent or the following exception applies:

You would reasonably expect us to use the information as part of our regular business activities (eg setting up your payment gateway for ticket sales or contacting an event patron experiencing difficulties purchasing their ticket)

It is legally required or authorised, such as by an Australian law, court or tribunal order

We have reason to suspect that unlawful activity, or a misconduct of a serious nature, which relates to our business activities has been or is being engaged in and we reasonably believe that it is necessary for us to take appropriate action in relation to the matter (eg ticket scalping)

Data Security

Under the Privacy Act we must take reasonable steps to ensure that the personal information we hold is safe and secure.

We aim to protect your data from unauthorised access, use, modification, disclosure, loss or other misuse. To achieve this, we prefer to store our information electronically, we safeguard our ICT systems against unauthorised access and ensure any paper based information is secured. Access to your personal information within our systems is only available to our contractors in order for them to undertake our work (eg scanning patrons’ tickets when entering your event).

All of our data is securely hosted on Microsoft Azure SQLServer databases which are protected by IP based firewalls and encrypted logins.

If a data breach occurs, such as if personal information that we hold is subjected to unauthorised use, disclosure or loss, we will respond in line with the requirement of the Australian Privacy Commissioner. We will aim to provide timely advice to you to ensure you are able to manage any loss – financial or otherwise – that could result from the breach.

When any personal information that we collect is no longer required, we will delete or destroy it in a secure manner, unless we are required to maintain it due to law, or a court or tribunal order.

Access to your Personal Information

You have a right to access any personal information we hold about you. You also have a right under the Privacy Act to request corrections to any personal information that we hold about you if you think the information is inaccurate, out-of-date, incomplete, irrelevant or misleading.